Bus Pass Management System is a bus pass management system. v1.0 of Bus Pass Management System is vulnerable to a cross-site scripting vulnerability that stems from the lack of data validation filtering of user-supplied data and output in the parameters pagedes and About Us. An attacker could exploit this vulnerability to execute JavaScript code on the client side.